1. Field of the Invention
The present invention relates to an encryption/decryption system for encrypting data and decrypting the encrypted data, encryption apparatus, decryption apparatus, and method for those system and apparatus.
2. Background Art
There is a demand that a user wants to gain access to a server through a network so as to be serviced therefrom even if the server is installed in a place an unspecified number of persons can visit.
In the future, a system meeting such a demand will be required to realize, for example, such a service that a user will make a request to a government office through a network for a document including private information, and the requested document will be printed out by use of a printer installed in a convenience store in the neighborhood of the user.
To realize such a system, a mechanism for keeping secret is essential to prevent private information from being leaked. For example, to print out a document is approved by the printer only when a user making a request for the document gains access to the printer.
In addition, even in an office which is not visited by an unspecified number of persons, it is desired that such a mechanism for keeping secret is provided similarly when a plurality of users share a printer.
For example, “Japanese Patent Laid-Open No. 219700/1997” (Document 1) discloses a system for encrypting data by use of an IC card in data communication apparatus.
However, this system is fundamentally premised on one-to-one communication between computers. The system cannot be applied to a system using apparatus to which an unspecified number of persons can gain access, as described above.
In addition, for example, “Japanese Patent Laid-Open No. 167220/1997” (Document 2) and “Japanese Patent Laid-Open No. 2001-111538” (Document 3) disclose encryption/decryption methods in data communication.
However, in the method disclosed in Document 2, a user has to input a private key to a reception terminal when the user receives data. There is a fear that the private key is leaked out.
On the other hand, in the method disclosed in Document 3, a plurality of users cannot be set as destinations for one piece of encrypted data. In addition, when a large number of pieces of encrypted data are spooled in reception apparatus, a user cannot retrieve data addressed to the user.